From 776bf8b032ff948f0fce039ae4626e11d29f5880 Mon Sep 17 00:00:00 2001
From: Thirunarayanan Balathandayuthapani <thiru@mariadb.com>
Date: Mon, 6 Aug 2018 16:20:15 +0530
Subject: MDEV-14398 When innodb_encryption_rotate_key_age=0 is set, 	
 server won't encrypt tablespaces

- If innodb_encryption_rotate_key_age is zero then innodb doesn't do
re-encryption of encrypted tablespace.
---
 storage/innobase/fil/fil0crypt.cc | 7 +++++++
 storage/xtradb/fil/fil0crypt.cc   | 6 ++++++
 2 files changed, 13 insertions(+)

diff --git a/storage/innobase/fil/fil0crypt.cc b/storage/innobase/fil/fil0crypt.cc
index 757c034d684..7c475e62ba0 100644
--- a/storage/innobase/fil/fil0crypt.cc
+++ b/storage/innobase/fil/fil0crypt.cc
@@ -982,6 +982,12 @@ fil_crypt_needs_rotation(
 		return true;
 	}
 
+	/** If the rotate_key_age is zero then innodb doesn't
+	re-encrypt the encrypted tablespace. */
+	if (rotate_key_age == 0) {
+		return false;
+	}
+
 	/* this is rotation encrypted => encrypted,
 	* only reencrypt if key is sufficiently old */
 	if (key_version + rotate_key_age < latest_key_version) {
@@ -1267,6 +1273,7 @@ fil_crypt_space_needs_rotation(
 			fil_crypt_get_key_state(key_state, crypt_data);
 		}
 
+
 		bool need_key_rotation = fil_crypt_needs_rotation(
 			crypt_data,
 			crypt_data->min_key_version,
diff --git a/storage/xtradb/fil/fil0crypt.cc b/storage/xtradb/fil/fil0crypt.cc
index 3daa461445d..588f01b52f9 100644
--- a/storage/xtradb/fil/fil0crypt.cc
+++ b/storage/xtradb/fil/fil0crypt.cc
@@ -982,6 +982,12 @@ fil_crypt_needs_rotation(
 		return true;
 	}
 
+	/* If rotate_key_age is zero then don't re-encrypt
+	the encrypted tablespace. */
+	if (rotate_key_age ==0) {
+		return false;
+	}
+
 	/* this is rotation encrypted => encrypted,
 	* only reencrypt if key is sufficiently old */
 	if (key_version + rotate_key_age < latest_key_version) {
-- 
cgit v1.2.1